>From: owner-openssl-users On Behalf Of Luis Rocha >Sent: Monday, October 28, 2013 18:48
>I'm trying to compare the results of the openssl tool with the cryptool 1.4.31 >+ Filename topsecret.txt which only contains the character 'a' >+ Encrypt it with DES using CBC mode with key and iv = 0 produces the result '32ea a0fa 4f77 fb92' <snip> >+ If I use the cryptool 1.4.31 to do the same exercise the result is '0C29 5D71 8258 D464' >+ I also noticed that openssl generates the same output for different modes [des-ecb]. As noted, first block of CBC with IV 0 is the same as ECB. Data over 7/8 bytes or different IV will be different. CFB or OFB is different (but for 1 byte equal to each other). >While if I do the same in Cryptool the output for the ECB mode is: >'841B D8A4 2931 FCF5' The openssl 'enc' value is the '1DES' encryption with key all-0 of 61070707 07070707 which is your input with PKCS#5 padding. The second (ECB) cryptool value is the encryption of 61000000 00000000 i.e. zero padded. Which is only safe for restricted data and thus undesirable for most use. You probably can specify PKCS#5 padding somewhere. The first (CBC) cryptool value is the encryption of 61000000 00000001 . This is not any sensible kind of padding if the IV is truly zero, but it could be zero-padded data if the IV is actually 00000000 00000001 ? (I assume you realize 1DES has not been secure for a decade now, and you are not using it on any real data.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
